• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 317
  • Last Modified:

Mail sent from non users received by users on same domain exchange 2003

I'm receiving alot of spam from non users on my domain addressed to valid users.

I'm running exchange 2003 with the latest service pack along with mail essentials from gfi.

Other spam is being blocked properly.

Any idea's why this is happening?

Thanks
0
john_991
Asked:
john_991
1 Solution
 
MikeCommented:
Just to clarify. Are you receiving mail from your own domain with fake user names?
0
 
john_991Author Commented:
Yes, sent by fake users with the same domain name addressed to users who are on the domain.

i.e. Sent from abc@ere.com who is not on the domain addressed to xyz@ere.com who is on the domain.
0
 
GovvyCommented:
This will be spoofing performed by spambots external to your organisation marking the sender field with your smtp address. It is likely that your spam filtering solution has an exception for your domain name which you should remove to address this issue
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
MikeCommented:
Your being spoofed. You should contact you ISP about adding an SPF record to your DNS entries.
0
 
MikeCommented:
This will be helpfull in the process. Most ISPs will require you to submit the what you what the DNS entry to be.

http://www.openspf.org/
0
 
MikeCommented:
Just a heads up. If you are being spoofed it is possible other people than the people in your domain may be receiving these spoofed e-mails as well.
0
 
john_991Author Commented:
I have this already in my dns server (spf record)

ere.com. 60 IN TXT "v=spf1 a ~all"

any other idea's?
0
 
MikeCommented:
To clarify: In "your" DNS server? Do you mean in your internal DNS (.local, etc) or public (.com, etc).

Also, Check out one of the e-mails headers to see where it actually came from. It is possible that you have a client with a spam-bot doing this.



0
 
john_991Author Commented:
It's in the external dns server. (my hosting company's dns server)

Will look at the header soon.
0
 
Jamie McKillopIT ManagerCommented:
Hello,

The SPF records are not going to help unless you have a mail gateway product that implements them. Exchange 2003 doesn't have built-in support. I'm not sure if Mail Essentials uses them. Most mail gateway products have an option to turn on anti-spoofing. This will prevent servers that are not specifically listed as internal from sending mail into your organization using one of your domains. Check the documention or ask GFI support if Mail Essentials has this feature.

JJ
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now